DETAILED ACTION

Claims 1-16 have been reconsidered. Having fully and carefully considered the applicant's 
remarks in the Appeal Brief filed 8/5/05, the examiner has re-opened with new art and made this action 
non-final accordingly. 


Claim Rejections - 35 USC §103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all obviousness
rejections set forth in this Office action:

(a) A patent may not be obtained though the invention is not identically disclosed or described as 
set forth in section 102 of this title, if the differences between the subject matter sought to be 
patented and the prior art are such that the subject matter as a whole would have been obvious 
at the time the invention was made to a person having ordinary skill in the art to which said 
subject matter pertains. Patentability shall not be negatived by the manner in which the invention 
was made. 

Claims 1-2 and 9-10 are rejected under 35 U.S.C. 103(a) as being unpatentable over Yacobi, 
U.S. Patent No. 5,878,138, in view of Texas DPS (Texas Department of Public Safety. Frequently Asked 
Questions. October 12, 1999. pages 1-4. Retrieved from the Internet at the following URL: 
http://web.archive.org/web/20000303141313/www.txdps.state.tx.us/administration/driverjicensing_con
l/faq.htm). 






As per claims 1 and 9, the applicant describes a method of preventing ID spoofing of public key 
infrastructure system in an enterprise comprising the following limitations which are met by Yacobi in view 
of Texas DPS:

a) allowing a user to access a registration server (Yacobi: Col 8, line 50 to Col 9, line 23); 

b) upon the registration server receiving identification information from the user and also receiving
a request by the user for a new signature certificate, the registration server querying a directory
containing reference information of users of the enterprise to obtain information regarding the identified
user (Yacobi: Col 8, line 50 to Col 9, line 23);



Application/Control Number: 09/823,701 Page 3 

Art Unit: 2137 

c) and upon the registration server receiving information from the directory indicating that the 
identified user already possesses a signature certificate, the registration server informing the user that a 
new signature certificate will not be issued until the old signature certificate has been revoked, thereby 
preventing an unauthorized user from ID spoofing to obtain a valid signature certificate (Yacobi: Col 8, 
line 50 to Col 9, line 23; Texas DPS: page 1); 

d) and maintaining a one-to-one correspondence between users of the enterprise and signature 
certificates (Yacobi: Col 13, lines 1-2); 

Yacobi discloses all the limitations of the above claim except for the specific limitation of
"informing a user that a new signature certificate will not be issued until the old signature has been 
revoked". In Yacobi, upon the registration server receiving information that the user who is applying for a 
new certificate still has a valid certificate, the registration server simply revokes the old certificate as a 
new certificate is formed in order to satisfy the system's requirement that each valid user has exactly one 
certificate at any one time (Col 13, lines 1-2). 

Texas DPS discloses the idea of notifying a user of revocation of a form of identification before 
issuing a new form of identification. More specifically, Texas DPS discloses the well-known idea that 
when a user applies for a new form of identification, he is notified that the new form will not be issued until 
the old form is revoked as he is required by an authority to surrender his valid or expired Driver's License 
before he receives his new form of identification. It would have been obvious to one of ordinary skill in 
the art at the time the invention was filed to combine the ideas of Texas DPS with those of Yacobi and 
"inform" the user of the surrender so the user is aware of the process taking place. 

As per claims 2 and 10, the applicant limits the method of claims 1 and 9, which are met by
Yacobi in view of Texas DPS, with the following limitation which is met by Yacobi: 

Further comprising providing user identifiers and their corresponding digital signature certificates 
in said directory (Yacobi: Col 9, lines 10-16) 

Claims 5-6 and 13-14 are rejected under 35 U.S.C. 103(a) as being unpatentable over Yacobi in
view of Vaeth, U.S. Patent No. 6,308,277.

As per claims 5 and 13, the applicant describes a method of preventing ID spoofing of a public
key infrastructure in an enterprise comprising the following limitations which are met by Yacobi in view of
Vaeth:

a) allowing a user to access a registration server (Yacobi: Col 8, line 50 to Col 9, line 23); 

b) upon the registration server receiving identification information from the user and also receiving
a request by the user for a new signature certificate, the registration server querying a directory
containing reference information of users of the enterprise to obtain information regarding the identified
user (Yacobi: Col 8, line 50 to Col 9, line 23);

c) and upon the registration server receiving information from the directory indicating that the
identified user is not in the directory, the registration server informing the user that a signature certificate
will not be issued, thereby preventing an unauthorized user from ID spoofing to obtain a valid signature
certificate (Vaeth: Col 8, lines 41-54);

d) and maintaining a one-to-one correspondence between users of the enterprise and signature 
certificates (Col 13, lines 1-2); 

Yacobi discloses all the limitations of the above claim. Yacobi does not specifically disclose
informing a user that a certificate will not be issued. The idea of informing a user that a certificate will not
be issued is disclosed by Vaeth. It would have been obvious to one of ordinary skill in the art at the time
the invention was filed to combine the ideas of Vaeth with those of Yacobi because notifying a user that a
certificate will not be issued informs the user of an authentication error and gives the user the opportunity
to take appropriate action.

As per claims 6 and 14, the applicant limits the method of claims 5 and 13, which are met by
Yacobi in view of Vaeth, with the following limitation which is also met by Yacobi:

Further comprising providing user identifiers and their corresponding digital signature certificates
in said directory (Yacobi: Col 9, lines 10-16)

Claims 3 and 11 are rejected under 35 U.S.C. 103(a) as being unpatentable over Yacobi in view of
Texas DPS in further view of Zhou (Zhou, Tao. "Directory Integration and the Metadirectory". July 1999.
Windows IT Pro).

As per claims 3 and 11, the applicant limits independent claims 1 and 9, which are met by Yacobi
in view of Texas DPS, with the following limitation which is met by Zhou: 

further comprising providing an authoritative database including user identifiers, wherein the 
directory is updated from the authoritative database (Zhou: pages 1-2). 

However, Yacobi fails to disclose the use of an authoritative database. Zhou discloses the 
benefit of using directory integration with an authoritative database of user identifiers which he calls a 
metadirectory. In the second paragraph Zhou writes, "Directory integration lets network administrators 
manage directory information from one directory and automate the process of changing information in 
multiple directories. In the short run, directory integration lowers the cost of directory management 
because it reduces human involvement in directory management. A comprehensive directory-integration 
system often requires an enterprise directory to store and unify directory information in a central 
repository, or metadirectory. In the long run, you can incorporate into a metadirectory new network 
services— for example, ... public key infrastructure (PKI) to manage digital certificates for e-commerce".

An authoritative database including user identifiers would be an obvious improvement in 
Yacobi's system because it would allow one centrally managed database to update various bank sites. It 
would have been obvious to one of ordinary skill in the art at the time the invention was filed to combine 
the ideas of Zhou with the ideas of Yacobi because one would have motivation to use an authoritative 
database to better manage digital certificates as Zhou discloses. 

Claims 7 and 15 are rejected under 35 U.S.C. 103(a) as being unpatentable over Yacobi in view of
Vaeth in further view of Zhou (Zhou, Tao. "Directory Integration and the Metadirectory". July 1999. Windows IT
Pro).

As per claims 7 and 15, the claims are rejected for the same reasons as given in the rejection of
claims 3 and 11.

Claims 4 and 12 are rejected under 35 U.S.C. 103(a) as being unpatentable over Yacobi in view
of Texas DPS in further view of Fischer, U.S. Patent No. 5,214,702.

As per claims 4 and 12, the applicant limits the method of claims 1 and 9, which are met by Yacobi
in view of Texas DPS, with the following limitation which is met by Fischer:

Further comprising providing a personal revocation authority to revoke a user's previous
signature certificate, the personal revocation authority being chosen so as to personally recognize a user
(Col 13, lines 46-47);

Yacobi discloses all the limitations of independent claims 1, 5, 9, and 13. However, Yacobi fails to
disclose a person who is a revocation authority in charge of personally recognizing users. 

Fischer discloses the idea that a "certifier may empower another person to cancel other
certificates which the certifier has produced" (Col 13, lines 46-47). Fischer discloses the idea that a
person, not a computer, can revoke certificates which is absent from Yacobi. Since a person is the
revocation authority, he can personally recognize a user.

It would have been obvious to one of ordinary skill in the art at the time the invention was filed to
combine the ideas of Fischer with those of Yacobi and incorporate the idea of a personal revocation
authority to add another element of security into Yacobi's system through personally being able to identify
users to prevent ID spoofing.

Claims 8 and 16 are rejected under 35 U.S.C. 103(a) as being unpatentable over Yacobi in view
of Vaeth in further view of Fischer, U.S. Patent No. 5,214,702.

As per claims 8 and 16, the claims are rejected for the same reasons as given in the rejection of 
claims 4 and 12. 

Response to Arguments 

Applicant's arguments with respect to claims 1 and 9 have been considered but are moot in view 
of the new ground(s) of rejection. 

Applicant's arguments with respect to claims 5 and 13 have been considered but are moot in view 
of the new ground(s) of rejection. 



This action is made non-final. Any inquiry concerning this communication or earlier 
communications from the examiner should be directed to Kevin Schubert whose telephone number is 
(571) 272-4239. The examiner can normally be reached on M-F 7:30-6:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor,
Emmanuel Moise, can be reached on (571) 272-3868. The fax phone number for the organization where
this application or proceeding is assigned is 571-273-8300.

Information regarding the status of an application may be obtained from the Patent Application 
Information Retrieval (PAIR) system. Status information for published applications may be obtained from 
either Private PAIR or Public PAIR. Status information for unpublished applications is available through 
Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) 
at 866-217-9197 (toll-free).



Conclusion 




EMMANUEL L. MOISE
SUPERVISORY PATENT EXAMINER



